When deploying any changes with the CDK that require IAM policy updates, you get the following message:
This deployment will make potentially sensitive changes according to your current security approval level
which is followed by the list of policy changes to be made and then a confirmation dialog. In general I think this is a good thing to have, but unfortunately it makes automating deployments difficult.
Is there a hidden flag or environment variable that can be set to skip this confirmation? Something like Terraform's -auto-approve flag.
The following flag on the cdk deploy command can be used to skip this confirmation.
--require-approval never
This is documented on this page. The full list of options can also be found by running cdk deploy --help